www.getinfosec.news Open in urlscan Pro
2606:4700:3037::6815:3673 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents
Submission: On September 09 via api (September 9th 2021, 5:23:07 am UTC) from GB — Scanned from DE

Summary HTTP 47 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 22 IPs in 7 countries across 21 domains to perform 47 HTTP transactions. The main IP is 2606:4700:3037::6815:3673, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.getinfosec.news.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 6th 2021. Valid for: a year.

This is the only time www.getinfosec.news was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	2606:4700:303... 2606:4700:3037::6815:3673	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400e:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400e:803::2008	15169 (GOOGLE) (GOOGLE)
3	151.101.0.176 151.101.0.176	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:400e:810::2003	15169 (GOOGLE) (GOOGLE)
1	52.95.134.46 52.95.134.46	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700:10:... 2606:4700:10::6816:92d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400e:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400e:80c::200e	15169 (GOOGLE) (GOOGLE)
3	2a02:6ea0:c90... 2a02:6ea0:c900::5	60068 (CDN77 ^_^) (CDN77 ^_^)
2	52.222.138.129 52.222.138.129	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400e:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:9::720 2a04:4e42:9::720	54113 (FASTLY) (FASTLY)
1	151.101.2.132 151.101.2.132	54113 (FASTLY) (FASTLY)
1 1	207.241.224.2 207.241.224.2	7941 (INTERNET-...) (INTERNET-ARCHIVE)
1	207.241.232.190 207.241.232.190	7941 (INTERNET-...) (INTERNET-ARCHIVE)
1	92.122.192.25 92.122.192.25	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:b20... 2a02:26f0:b200:1b9::16c2	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.42.231.203 52.42.231.203	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
47	22

10 2606:4700:3037::6815:3673 (United States)

ASN13335 (CLOUDFLARENET, US)

www.getinfosec.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:80f::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:803::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.0.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400e:810::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.95.134.46 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-southeast-2.amazonaws.com

newsyapp.s3.ap-southeast-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:92d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn2.iconfinder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:80f::2001 (Ireland)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:80c::200e (Ireland)

ASN15169 (GOOGLE, US)

feeds.feedburner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6ea0:c900::5 (Paris, France)

ASN60068 (CDN77 ^_^, GB)

img.icons8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.138.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-138-129.ams50.r.cloudfront.net

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400e:80f::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:9::720 (United States)

ASN54113 (FASTLY, US)

the-public-domain-review.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.132 (United States)

ASN54113 (FASTLY, US)

images.cointelegraph.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.241.224.2 (San Francisco, United States) 1 redirects

ASN7941 (INTERNET-ARCHIVE, US)
PTR: www.archive.org

archive.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.241.232.190 (San Francisco, United States)

ASN7941 (INTERNET-ARCHIVE, US)
PTR: ia803400.us.archive.org

ia803400.us.archive.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.122.192.25 (London, United Kingdom)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-122-192-25.deploy.static.akamaitechnologies.com

a4.espncdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:b200:1b9::16c2 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, NL)

i.dailymail.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.42.231.203 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-42-231-203.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	getinfosec.news www.getinfosec.news	515 KB
5	stripe.com js.stripe.com m.stripe.com	61 KB
4	iconfinder.com cdn2.iconfinder.com	20 KB
4	gstatic.com fonts.gstatic.com	74 KB
3	google-analytics.com www.google-analytics.com	20 KB
3	icons8.com img.icons8.com	7 KB
2	archive.org 1 redirects archive.org ia803400.us.archive.org	32 KB
2	stripe.network m.stripe.network	20 KB
2	blogspot.com 1.bp.blogspot.com	8 KB
2	googletagmanager.com www.googletagmanager.com	81 KB
1	doubleclick.net stats.g.doubleclick.net	463 B
1	dailymail.co.uk i.dailymail.co.uk	49 KB
1	espncdn.com a4.espncdn.com	223 KB
1	cointelegraph.com images.cointelegraph.com	59 KB
1	imgix.net the-public-domain-review.imgix.net	242 KB
1	feedburner.com feeds.feedburner.com	360 B
1	amazonaws.com newsyapp.s3.ap-southeast-2.amazonaws.com	103 KB
1	unpkg.com unpkg.com	2 KB
1	jsdelivr.net cdn.jsdelivr.net	32 KB
1	cloudflare.com cdnjs.cloudflare.com	16 KB
1	googleapis.com fonts.googleapis.com	916 B
47	21

	Domain	Requested by
10	www.getinfosec.news	www.getinfosec.news
4	cdn2.iconfinder.com	www.getinfosec.news
4	fonts.gstatic.com	fonts.googleapis.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	img.icons8.com	www.getinfosec.news
3	js.stripe.com	www.getinfosec.news js.stripe.com
2	m.stripe.com	m.stripe.network
2	m.stripe.network	js.stripe.com m.stripe.network
2	1.bp.blogspot.com	www.getinfosec.news
2	www.googletagmanager.com	www.getinfosec.news www.googletagmanager.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	i.dailymail.co.uk	www.getinfosec.news
1	a4.espncdn.com	www.getinfosec.news
1	ia803400.us.archive.org	www.getinfosec.news
1	archive.org	1 redirects
1	images.cointelegraph.com	www.getinfosec.news
1	the-public-domain-review.imgix.net	www.getinfosec.news
1	feeds.feedburner.com	www.getinfosec.news
1	newsyapp.s3.ap-southeast-2.amazonaws.com	www.getinfosec.news
1	unpkg.com	www.getinfosec.news
1	cdn.jsdelivr.net	www.getinfosec.news
1	cdnjs.cloudflare.com	www.getinfosec.news
1	fonts.googleapis.com	www.getinfosec.news
47	23

This site contains links to these domains. Also see Links.

Domain
www.buymeacoffee.com
www.linkedin.com
www.facebook.com
twitter.com
ycombinator.info
www.miningfordudes.com
www.royaltyfreemusicdirect.com
www.49ers.news
scoopingly.com
getinfosecnews.blogspot.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-06` - `2022-07-05`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2021-07-09` - `2021-11-03`	4 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.s3-ap-southeast-2.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
misc.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.icons8.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-13` - `2022-05-13`	2 years	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.cointelegraph.com R3	`2021-07-16` - `2021-10-14`	3 months	crt.sh
*.us.archive.org Go Daddy Secure Certificate Authority - G2	`2019-12-23` - `2022-02-21`	2 years	crt.sh
assets.espncdn.com R3	`2021-06-30` - `2021-09-28`	3 months	crt.sh
*.dailymail.co.uk DigiCert SHA2 Secure Server CA	`2021-02-16` - `2022-02-22`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2021-11-03`	4 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents
Frame ID: A2522EFC4D9CC919C7636017F3C52FA8
Requests: 41 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html
Frame ID: E4DAA3195E2132EB36C84D896880F2B4
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 73F8772762D38AC9A569A44802890045
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

New 0-Day Attack Targeting Windows Users With Microsoft Office Documents ⋅ Cyber Security News

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

47
Requests

100 %
HTTPS

65 %
IPv6

21
Domains

23
Subdomains

22
IPs

7
Countries

1566 kB
Transfer

3526 kB
Size

9
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.buymeacoffee.com/getinfosec
Title: Buy me a coffee

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents&title=New%200-Day%20Attack%20Targeting%20Windows%20Users%20With%20Microsoft%20Office%20Documents&summary=Microsoft%20on%20Tuesday%20warned%20of%20an%20actively%20exploited%20zero-day%20flaw%20impacting%20Internet%20Explorer%20that%27s%20being%20used%20to%20hijack%20vulnerable%20Windows%20systems%20&source=https://www.getinfosec.news

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/share?app_id=645057395962262&display=popup&href=https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=New%200-Day%20Attack%20Targeting%20Windows%20Users%20With%20Microsoft%20Office%20Documents&url=https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents

Search URL Search Domain Scan URL

URL: http://ycombinator.info/5406097/images-of-hatha-yoga-from-the-joga-pradipika-19th-century
Title: Images of Hatha Yoga from the Joga Pradīpikā (19th Century)

Search URL Search Domain Scan URL

URL: https://www.miningfordudes.com/4240780/austrian-regulators-call-for-stricter-crypto-regulations-amid-rising-fraud
Title: Austrian regulators call for stricter crypto regulations amid rising fraud

Search URL Search Domain Scan URL

URL: http://www.royaltyfreemusicdirect.com/5673178/gia-can-bo
Title: Giả Cán Bộ

Search URL Search Domain Scan URL

URL: https://www.49ers.news/6021560/san-francisco-49ers-2021-schedule-worst-to-first-a-possibility
Title: San Francisco 49ers 2021 schedule: Worst to first a possibility

Search URL Search Domain Scan URL

URL: http://scoopingly.com/5755390/thousands-of-chinese-revellers-attend-music-festival-wuhan-at-start-of-five-day-national-holiday
Title: Thousands of Chinese revellers attend music festival Wuhan at start of five-day national holiday

Search URL Search Domain Scan URL

URL: https://twitter.com/GetinfosecN

Search URL Search Domain Scan URL

URL: https://getinfosecnews.blogspot.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://archive.org/download/gtaaudio_19179/format=VBR+MP3&ignore=x.mp3 HTTP 302
https://ia803400.us.archive.org/25/items/gtaaudio_19179/am-hon-luc-nua-dem_chuong-130_nu-truyen-cam.mp3?ignore=x.mp3

47 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request new-0-day-attack-targeting-windows-users-with-microsoft-office-documents Show response
www.getinfosec.news/9239661/ 75 KB
21 KB 923ms
886ms Document
text/html 2606:4700:3037::6815:3673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3673 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 206691f596376cd492db9185f9a8007928c6a580971958d9e5cf8df3616c25f9

Request headers

:method: GET
:authority: www.getinfosec.news
:scheme: https
:path: /9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 09 Sep 2021 05:22:59 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6InB3dWVqV2p4d0RWYkN6ZVhEMTlpWXc9PSIsInZhbHVlIjoiejZaL1ZWNGZpZjZGVE5leWg5eXQyUlpVZVhYSGgzdTNFS2VNSktXRjFWYTZ0VGF2SDhudTFZeU5oV3pFekxIRVNDVngwcUx6amNLb2dYak9wT2V4dVlDdzBxU2plSzM3OGI4OGljVDFrOVJ6M0hoU2tPUkpTVUFpQlFpTEZ4QnoiLCJtYWMiOiJjYzhlM2JmYTZiMDg1MDg3MjBhY2M1NjgyZDA0Y2NlZDQyNzViZTRmOTRjNzA0ODE0ZjcwODg5ZmYxNzFhYTRhIn0%3D; expires=Thu, 09-Sep-2021 07:22:59 GMT; Max-Age=7200; path=/ newsy_session=eyJpdiI6IlVpZTAwWFpyZzVEbDhVVXVrUVB1dWc9PSIsInZhbHVlIjoiVmNRVWNLUmRDODZCMGpyUFhIeXNGd212bVhCMVduK0g4a1RUaTB6U2xmS3RVemkzYXR4UXRqRDZYa3VqaTZESy9ZT1JveExvV3lnQkFOTzNvSDdrbnZ2a0JKQi9BMWRMaHRtUHlMUjk0d1hvY0xmLzdINzloNzNJN0lPT3hFMmEiLCJtYWMiOiI3ZTYwODEzYzQzZGM4NTg5MWNkMjJkYjc2ODdjN2M5MjlkMzc4NmE0NGM4M2E4Mjk0OWI2NjU0ZTg4YmQ2OTlmIn0%3D; expires=Thu, 09-Sep-2021 07:22:59 GMT; Max-Age=7200; path=/; httponly
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sCpVfm7WtwlHNMJEU1Eqhidkit83CunitZpSltcaKtjTRKwrCpLg9vtL4PxZXLyoKX1P38nPgK7mCHZPjiPpXfOX1GfjRbSkbBiLei9BU9MBigQhELI57dgXN9OlxTGdCjo6GmhFczuS7%2F%2BGLchdHXnA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 68bdfb5c5c9d5bed-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 3 KB
916 B 60ms
18ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Requested by

Host: www.getinfosec.news
URL: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

30c7c639fd48a0186026f900282a3b92893c32043019a5efb0ddf7e0805e296f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getinfosec.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 09 Sep 2021 03:33:42 GMT
server: ESF
date: Thu, 09 Sep 2021 05:22:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Sep 2021 05:22:59 GMT

GET
H2 200 app.css
www.getinfosec.news/css/site/ 67 KB
11 KB 18ms
17ms Stylesheet
text/css 2606:4700:3037::6815:3673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.getinfosec.news/css/site/app.css
Requested by: Host: www.getinfosec.news
URL: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3673 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20f5076d96f5660079f2b5f45bac9c79182edf8256a0644d056f5d76b115f4be

Request headers

:path: /css/site/app.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InB3dWVqV2p4d0RWYkN6ZVhEMTlpWXc9PSIsInZhbHVlIjoiejZaL1ZWNGZpZjZGVE5leWg5eXQyUlpVZVhYSGgzdTNFS2VNSktXRjFWYTZ0VGF2SDhudTFZeU5oV3pFekxIRVNDVngwcUx6amNLb2dYak9wT2V4dVlDdzBxU2plSzM3OGI4OGljVDFrOVJ6M0hoU2tPUkpTVUFpQlFpTEZ4QnoiLCJtYWMiOiJjYzhlM2JmYTZiMDg1MDg3MjBhY2M1NjgyZDA0Y2NlZDQyNzViZTRmOTRjNzA0ODE0ZjcwODg5ZmYxNzFhYTRhIn0%3D; newsy_session=eyJpdiI6IlVpZTAwWFpyZzVEbDhVVXVrUVB1dWc9PSIsInZhbHVlIjoiVmNRVWNLUmRDODZCMGpyUFhIeXNGd212bVhCMVduK0g4a1RUaTB6U2xmS3RVemkzYXR4UXRqRDZYa3VqaTZESy9ZT1JveExvV3lnQkFOTzNvSDdrbnZ2a0JKQi9BMWRMaHRtUHlMUjk0d1hvY0xmLzdINzloNzNJN0lPT3hFMmEiLCJtYWMiOiI3ZTYwODEzYzQzZGM4NTg5MWNkMjJkYjc2ODdjN2M5MjlkMzc4NmE0NGM4M2E4Mjk0OWI2NjU0ZTg4YmQ2OTlmIn0%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.getinfosec.news
referer: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 05:22:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 12 Aug 2021 14:52:23 GMT
server: cloudflare
age: 10
etag: W/"10d19-5c95de1f980c6-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ewKyJZt7OSW9lDNLaQkoRlQAgzkFkJkg26lgkxsrSrEDQvBZBA0tRE94R2cufOcHuYXM6PYEKa5HATIAvL3LQLPZ91wejNdwf73ONxVi3WgP81e%2Bud%2FPmzNeSYK16Bw7aLk%2F6ItSY3H%2F16RkmWDZ6pR4"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68bdfb621b335bed-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 arlo.css
www.getinfosec.news/css/site/ 11 KB
2 KB 15ms
15ms Stylesheet
text/css 2606:4700:3037::6815:3673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.getinfosec.news/css/site/arlo.css
Requested by: Host: www.getinfosec.news
URL: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3673 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccc66952c3716f381168ba983b96bf6f58a68d9f4ecf1ed960a10581b559acd3

Request headers

:path: /css/site/arlo.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InB3dWVqV2p4d0RWYkN6ZVhEMTlpWXc9PSIsInZhbHVlIjoiejZaL1ZWNGZpZjZGVE5leWg5eXQyUlpVZVhYSGgzdTNFS2VNSktXRjFWYTZ0VGF2SDhudTFZeU5oV3pFekxIRVNDVngwcUx6amNLb2dYak9wT2V4dVlDdzBxU2plSzM3OGI4OGljVDFrOVJ6M0hoU2tPUkpTVUFpQlFpTEZ4QnoiLCJtYWMiOiJjYzhlM2JmYTZiMDg1MDg3MjBhY2M1NjgyZDA0Y2NlZDQyNzViZTRmOTRjNzA0ODE0ZjcwODg5ZmYxNzFhYTRhIn0%3D; newsy_session=eyJpdiI6IlVpZTAwWFpyZzVEbDhVVXVrUVB1dWc9PSIsInZhbHVlIjoiVmNRVWNLUmRDODZCMGpyUFhIeXNGd212bVhCMVduK0g4a1RUaTB6U2xmS3RVemkzYXR4UXRqRDZYa3VqaTZESy9ZT1JveExvV3lnQkFOTzNvSDdrbnZ2a0JKQi9BMWRMaHRtUHlMUjk0d1hvY0xmLzdINzloNzNJN0lPT3hFMmEiLCJtYWMiOiI3ZTYwODEzYzQzZGM4NTg5MWNkMjJkYjc2ODdjN2M5MjlkMzc4NmE0NGM4M2E4Mjk0OWI2NjU0ZTg4YmQ2OTlmIn0%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.getinfosec.news
referer: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 05:22:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Aug 2021 04:48:21 GMT
server: cloudflare
age: 10
etag: W/"2a2d-5c8a0652cf7d6-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cdnc5arBU3suk9f9ZuV%2Bv0Iw0GcoWr1%2FOsMDb8%2FGQey6CWRGTix%2FD4JvuLkiTQ077%2BzucUxRBHg6MNHgZlFeSllxCO19RurmEaaobm29nGZ09TpzRHo5LFsRDKK9WTPe8yZBXIdPI4MGEDuZwsyu0hoA"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68bdfb621b345bed-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/ 52 KB
16 KB 74ms
29ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/moment.min.js

Requested by

Host: www.getinfosec.news
URL: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getinfosec.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 05:22:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 123262
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15508
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-d04c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ITOS7pGbP8VVyROcZZ78OXNzhXKsdNL82BBLm%2FEVpiyDjQAuusY3CTlepYeZy%2FVQ5Boz4sjZ8idmVRGWf8VJ8Pp7nd5gGgoPuFoj6APReDLtWPioSP15DOV48cnvLBjhvIHU9AQbaw%2B3GyYjr%2FsyFmZQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 68bdfb626e944224-AMS
expires: Tue, 30 Aug 2022 05:22:59 GMT

GET
H2 200 jquery.min.js Show response
cdn.jsdelivr.net/npm/jquery@3.6.0/dist/ 87 KB
32 KB 68ms
25ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery@3.6.0/dist/jquery.min.js

Requested by

Host: www.getinfosec.news
URL: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getinfosec.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 05:22:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12009382
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19131-FRA, cache-ams21042-AMS
timing-allow-origin: *
server: cloudflare
etag: W/"15d9d-uC0jjU4x/fYYuuisEabIEsA90NQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 68bdfb626a2dbdd7-AMS

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
41 KB 66ms
24ms Script
application/javascript 2a00:1450:400e:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-166935235-1

Requested by

Host: www.getinfosec.news
URL: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:803::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4264587bd9b88e61a19925515353bf3f18f3ef58d13b11c98789bab4a63ed99a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getinfosec.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 05:22:59 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41242
x-xss-protection: 0
last-modified: Thu, 09 Sep 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Sep 2021 05:22:59 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ 238 KB
59 KB 65ms
7ms Script
application/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: www.getinfosec.news
URL: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

24653521ae7359c74cc9e9afe1b9fb774fe17b68e0a774589f242ab7d252f865

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getinfosec.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 05:22:59 GMT
content-encoding: br
vary: Accept-Encoding
age: 139
via: 1.1 varnish
x-cache: HIT
content-length: 59774
x-amz-id-2: Ko+dSXCJr0Y1i8P2u4QtqOYIxcp+22gPg0UOzTs6xF0XwDnaVxDZa58xTAMu3jALszOUZxOag3M=
x-served-by: cache-fra19142-FRA
timing-allow-origin: *
last-modified: Wed, 08 Sep 2021 18:50:25 GMT
server: AmazonS3
etag: "95bfed7e0ab96d79f9d8781dc1b31443"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 142VFJ33YR30ZW0G
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 19

GET
H2 200 vue-multiselect.min.css
unpkg.com/vue-multiselect@2.1.0/dist/ 7 KB
2 KB 79ms
36ms Stylesheet
text/css 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/vue-multiselect@2.1.0/dist/vue-multiselect.min.css

Requested by

Host: www.getinfosec.news
URL: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddffc1fb5857d5643c0113e624d013e677a00538184616877dbce212abbbfc41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getinfosec.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 05:22:59 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12009376
fly-request-id: 01F3YK3M8GH95H6CV821D5W6RS
content-encoding: br
vary: Accept-Encoding
last-modified: Sun, 18 Mar 2018 17:24:25 GMT
server: cloudflare
etag: W/"1c46-REXhA/xTGnqKrQ6n7ISPoCcwNxc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 68bdfb62ace72056-AMS

GET
H2 200 app.js Show response
www.getinfosec.news/js/site/content/ 2 MB
448 KB 26ms
25ms Script
application/javascript 2606:4700:3037::6815:3673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.getinfosec.news/js/site/content/app.js
Requested by: Host: www.getinfosec.news
URL: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3673 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5ae4e1d884f3b1560e9620e27a1d69accc86fb04fe6b497c626c391c83be204

Request headers

:path: /js/site/content/app.js
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InB3dWVqV2p4d0RWYkN6ZVhEMTlpWXc9PSIsInZhbHVlIjoiejZaL1ZWNGZpZjZGVE5leWg5eXQyUlpVZVhYSGgzdTNFS2VNSktXRjFWYTZ0VGF2SDhudTFZeU5oV3pFekxIRVNDVngwcUx6amNLb2dYak9wT2V4dVlDdzBxU2plSzM3OGI4OGljVDFrOVJ6M0hoU2tPUkpTVUFpQlFpTEZ4QnoiLCJtYWMiOiJjYzhlM2JmYTZiMDg1MDg3MjBhY2M1NjgyZDA0Y2NlZDQyNzViZTRmOTRjNzA0ODE0ZjcwODg5ZmYxNzFhYTRhIn0%3D; newsy_session=eyJpdiI6IlVpZTAwWFpyZzVEbDhVVXVrUVB1dWc9PSIsInZhbHVlIjoiVmNRVWNLUmRDODZCMGpyUFhIeXNGd212bVhCMVduK0g4a1RUaTB6U2xmS3RVemkzYXR4UXRqRDZYa3VqaTZESy9ZT1JveExvV3lnQkFOTzNvSDdrbnZ2a0JKQi9BMWRMaHRtUHlMUjk0d1hvY0xmLzdINzloNzNJN0lPT3hFMmEiLCJtYWMiOiI3ZTYwODEzYzQzZGM4NTg5MWNkMjJkYjc2ODdjN2M5MjlkMzc4NmE0NGM4M2E4Mjk0OWI2NjU0ZTg4YmQ2OTlmIn0%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.getinfosec.news
referer: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 05:22:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Sep 2021 13:03:01 GMT
server: cloudflare
age: 10
etag: W/"1aa1a7-5cb6762b7e1ea-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gpP9ZwYQdv42SyPqUk7KK5wKec0rE50UZphn1PwSu6X4dqjVo%2FXIFIV0LoqEkvjrgNda0%2Fbn0c8R6KDs952aRh0PCM0wdpBGjWSTNTAQKtrEWXTAqtj3Am7QpbC0qr%2F25eHKgdqwvNhGDEKHrkpraYpd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68bdfb626b775bed-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 59ms
16ms Font
font/woff2 2a00:1450:400e:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:810::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.getinfosec.news
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 00:07:10 GMT
x-content-type-options: nosniff
age: 18949
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Sep 2022 00:07:10 GMT

GET
H2 200 feather-sprite.svg
www.getinfosec.news/img/ 58 KB
11 KB 17ms
17ms Other
image/svg+xml 2606:4700:3037::6815:3673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.getinfosec.news/img/feather-sprite.svg
Requested by: Host: www.getinfosec.news
URL: https://www.getinfosec.news/js/site/content/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3673 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc2604e4b0c63665fe5c730c319b560b47ef23b9dad0e6a6b5a9192a428afe17

Request headers

:path: /img/feather-sprite.svg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InB3dWVqV2p4d0RWYkN6ZVhEMTlpWXc9PSIsInZhbHVlIjoiejZaL1ZWNGZpZjZGVE5leWg5eXQyUlpVZVhYSGgzdTNFS2VNSktXRjFWYTZ0VGF2SDhudTFZeU5oV3pFekxIRVNDVngwcUx6amNLb2dYak9wT2V4dVlDdzBxU2plSzM3OGI4OGljVDFrOVJ6M0hoU2tPUkpTVUFpQlFpTEZ4QnoiLCJtYWMiOiJjYzhlM2JmYTZiMDg1MDg3MjBhY2M1NjgyZDA0Y2NlZDQyNzViZTRmOTRjNzA0ODE0ZjcwODg5ZmYxNzFhYTRhIn0%3D; newsy_session=eyJpdiI6IlVpZTAwWFpyZzVEbDhVVXVrUVB1dWc9PSIsInZhbHVlIjoiVmNRVWNLUmRDODZCMGpyUFhIeXNGd212bVhCMVduK0g4a1RUaTB6U2xmS3RVemkzYXR4UXRqRDZYa3VqaTZESy9ZT1JveExvV3lnQkFOTzNvSDdrbnZ2a0JKQi9BMWRMaHRtUHlMUjk0d1hvY0xmLzdINzloNzNJN0lPT3hFMmEiLCJtYWMiOiI3ZTYwODEzYzQzZGM4NTg5MWNkMjJkYjc2ODdjN2M5MjlkMzc4NmE0NGM4M2E4Mjk0OWI2NjU0ZTg4YmQ2OTlmIn0%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: same-origin
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.getinfosec.news
referer: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 05:22:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 21 Nov 2019 23:16:55 GMT
server: cloudflare
age: 4
etag: W/"e76b-597e37e41ab90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yy9uKjByUGarFnw5XkccMMU%2FjXmknYW7mthlnk8AeKO5%2BNGpX4tMsga0cbDZwrcFe6apc6grodwDDXxpM3L1DGSmsBAIzS3wdxfQCLySglZ%2F47vQv0BOLX0qD7ZYCT8XIiazfl8iXJhy0BgieDkKeImh"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68bdfb63cce75bed-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
22 KB 17ms
16ms Font
font/woff2 2a00:1450:400e:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:810::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.getinfosec.news
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:59:42 GMT
x-content-type-options: nosniff
age: 433397
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22572
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:56 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Sep 2022 04:59:42 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
23 KB 20ms
20ms Font
font/woff2 2a00:1450:400e:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:810::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.getinfosec.news
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:45:15 GMT
x-content-type-options: nosniff
age: 434264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Sep 2022 04:45:15 GMT

GET
H/1.1 200
OK 441-skull-4751587-640-1591904604.png
newsyapp.s3.ap-southeast-2.amazonaws.com/production/ 103 KB
103 KB 1225ms
328ms Image
image/png 52.95.134.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsyapp.s3.ap-southeast-2.amazonaws.com/production/441-skull-4751587-640-1591904604.png
Requested by: Host: www.getinfosec.news
URL: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.134.46 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 92ea613270d1df64f254b35b96044cff459dcd34a5b8767743626866479ce38a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getinfosec.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 09 Sep 2021 05:23:01 GMT
Last-Modified: Thu, 11 Jun 2020 19:43:26 GMT
Server: AmazonS3
x-amz-request-id: C7YTRFWTKVBSXW8R
ETag: "ea218222cfcc904c8979f90acd80fdee"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 105541
x-amz-id-2: 8KLNvPr1BCYvDyPnIOJAN3+b+d6MX0CFRG8Cz96zSoIPw4PyerYaiJuJ8G3BaS7ilA/HZku6PQg=

GET
H2 200 Jee-61-512.png
cdn2.iconfinder.com/data/icons/pinterest-ui/48/ 7 KB
7 KB 150ms
47ms Image
image/webp 2606:4700:10::6816:92d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn2.iconfinder.com/data/icons/pinterest-ui/48/Jee-61-512.png

Requested by

Host: www.getinfosec.news
URL: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:92d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a2969a29378d4ee5f0771e46e3d9e663a06ccc2101d97033442184fd7327355

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getinfosec.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 05:23:00 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 378807
cf-polished: origFmt=png, origSize=16248
content-disposition: inline; filename="Jee-61-512.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7486
x-request-id: cc81c541-0791-40e9-b389-62bbd21b3e0c
expires: Fri, 09 Sep 2022 05:23:00 GMT
last-modified: Thu, 26 Aug 2021 20:45:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
access-control-allow-origin: *
vary: Accept
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 68bdfb654e2f15e4-ARN
cf-bgj: imgq:100,h2pri

GET
H2 200 social_style_3_in-512.png
cdn2.iconfinder.com/data/icons/social-icon-3/512/ 4 KB
4 KB 156ms
53ms Image
image/webp 2606:4700:10::6816:92d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn2.iconfinder.com/data/icons/social-icon-3/512/social_style_3_in-512.png

Requested by

Host: www.getinfosec.news
URL: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:92d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f76c3cf15fc3f9f7e8d4faa34bdc1df43d03c2009090db4e78542137768bb550

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getinfosec.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 05:23:00 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 337043
cf-polished: origFmt=png, origSize=11037
content-disposition: inline; filename="social_style_3_in-512.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3598
x-request-id: 8f069985-b828-468b-a54c-ea8e6e521f4e
expires: Fri, 09 Sep 2022 05:23:00 GMT
last-modified: Thu, 26 Aug 2021 09:00:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
access-control-allow-origin: *
vary: Accept
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 68bdfb654e2715e4-ARN
cf-bgj: imgq:100,h2pri

GET
H2 200 social_style_3_facebook-512.png
cdn2.iconfinder.com/data/icons/social-icon-3/512/ 2 KB
3 KB 154ms
51ms Image
image/webp 2606:4700:10::6816:92d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn2.iconfinder.com/data/icons/social-icon-3/512/social_style_3_facebook-512.png

Requested by

Host: www.getinfosec.news
URL: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:92d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ca19963383a46a2cc4c97af98af5d81bd6935eb816a6be6bb8a6c1c7dab8591

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getinfosec.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 05:23:00 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1382
cf-polished: origFmt=png, origSize=8003
content-disposition: inline; filename="social_style_3_facebook-512.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2418
x-request-id: 9165aa09-99da-4b72-b3b7-2caa9c47ee37
expires: Fri, 09 Sep 2022 05:23:00 GMT
last-modified: Wed, 01 Sep 2021 21:11:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
access-control-allow-origin: *
vary: Accept
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 68bdfb654e2c15e4-ARN
cf-bgj: imgq:100,h2pri

GET
H2 200 social_style_3_twiter-512.png
cdn2.iconfinder.com/data/icons/social-icon-3/512/ 6 KB
6 KB 146ms
44ms Image
image/webp 2606:4700:10::6816:92d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn2.iconfinder.com/data/icons/social-icon-3/512/social_style_3_twiter-512.png

Requested by

Host: www.getinfosec.news
URL: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:92d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dadb3cc5d2f39d2ce8d7086f952917fa40f2577c89a54977f4223618fc7d0541

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getinfosec.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 05:23:00 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 406560
cf-polished: origFmt=png, origSize=12958
content-disposition: inline; filename="social_style_3_twiter-512.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5712
x-request-id: 33cbe250-6a7f-4bc3-9c1a-2aa05473e17a
expires: Fri, 09 Sep 2022 05:23:00 GMT
last-modified: Thu, 26 Aug 2021 21:26:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
access-control-allow-origin: *
vary: Accept
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 68bdfb654e2d15e4-ARN
cf-bgj: imgq:100,h2pri

GET
H2 200 microsoft-office-hack.jpg
1.bp.blogspot.com/-KnvkhCvOrtg/YTgvMst2aSI/AAAAAAAADvs/ibzrIC7hu6wR3f2vrtI3U2rW7SVg6UbKQCLcBGAsYHQ/s72-c-e100/ 3 KB
4 KB 65ms
14ms Image
image/jpeg 2a00:1450:400e:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-KnvkhCvOrtg/YTgvMst2aSI/AAAAAAAADvs/ibzrIC7hu6wR3f2vrtI3U2rW7SVg6UbKQCLcBGAsYHQ/s72-c-e100/microsoft-office-hack.jpg

Requested by

Host: www.getinfosec.news
URL: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a9df9f0a6f550a18866137721b158cdd0e866f670c730f138c44fb3b3c373b6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getinfosec.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 01:55:57 GMT
x-content-type-options: nosniff
age: 12422
content-disposition: inline;filename="microsoft-office-hack.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3168
x-xss-protection: 0
server: fife
etag: "vefc"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=8640000, no-transform
timing-allow-origin: *
expires: Fri, 17 Dec 2021 03:37:22 GMT

GET
H2 200 8XfTlHB1Kh8
feeds.feedburner.com/~r/TheHackersNews/~4/ 43 B
360 B 75ms
24ms Image
image/gif 2a00:1450:400e:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://feeds.feedburner.com/~r/TheHackersNews/~4/8XfTlHB1Kh8

Requested by

Host: www.getinfosec.news
URL: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getinfosec.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 05:22:59 GMT
x-content-type-options: nosniff
server: GSE
content-type: image/gif
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 09 Sep 2021 06:22:59 +0000

GET
H2 200 data Show response
www.getinfosec.news/comment/ 2 B
950 B 422ms
421ms XHR
application/json 2606:4700:3037::6815:3673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.getinfosec.news/comment/data?contentId=9239661&siteId=441&orderBy=updated_at&orderType=desc
Requested by: Host: www.getinfosec.news
URL: https://www.getinfosec.news/js/site/content/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3673 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

sec-fetch-mode: cors
x-xsrf-token: eyJpdiI6InB3dWVqV2p4d0RWYkN6ZVhEMTlpWXc9PSIsInZhbHVlIjoiejZaL1ZWNGZpZjZGVE5leWg5eXQyUlpVZVhYSGgzdTNFS2VNSktXRjFWYTZ0VGF2SDhudTFZeU5oV3pFekxIRVNDVngwcUx6amNLb2dYak9wT2V4dVlDdzBxU2plSzM3OGI4OGljVDFrOVJ6M0hoU2tPUkpTVUFpQlFpTEZ4QnoiLCJtYWMiOiJjYzhlM2JmYTZiMDg1MDg3MjBhY2M1NjgyZDA0Y2NlZDQyNzViZTRmOTRjNzA0ODE0ZjcwODg5ZmYxNzFhYTRhIn0=
accept-language: de-DE,de;q=0.9
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
accept-encoding: gzip, deflate, br
cookie: XSRF-TOKEN=eyJpdiI6InB3dWVqV2p4d0RWYkN6ZVhEMTlpWXc9PSIsInZhbHVlIjoiejZaL1ZWNGZpZjZGVE5leWg5eXQyUlpVZVhYSGgzdTNFS2VNSktXRjFWYTZ0VGF2SDhudTFZeU5oV3pFekxIRVNDVngwcUx6amNLb2dYak9wT2V4dVlDdzBxU2plSzM3OGI4OGljVDFrOVJ6M0hoU2tPUkpTVUFpQlFpTEZ4QnoiLCJtYWMiOiJjYzhlM2JmYTZiMDg1MDg3MjBhY2M1NjgyZDA0Y2NlZDQyNzViZTRmOTRjNzA0ODE0ZjcwODg5ZmYxNzFhYTRhIn0%3D; newsy_session=eyJpdiI6IlVpZTAwWFpyZzVEbDhVVXVrUVB1dWc9PSIsInZhbHVlIjoiVmNRVWNLUmRDODZCMGpyUFhIeXNGd212bVhCMVduK0g4a1RUaTB6U2xmS3RVemkzYXR4UXRqRDZYa3VqaTZESy9ZT1JveExvV3lnQkFOTzNvSDdrbnZ2a0JKQi9BMWRMaHRtUHlMUjk0d1hvY0xmLzdINzloNzNJN0lPT3hFMmEiLCJtYWMiOiI3ZTYwODEzYzQzZGM4NTg5MWNkMjJkYjc2ODdjN2M5MjlkMzc4NmE0NGM4M2E4Mjk0OWI2NjU0ZTg4YmQ2OTlmIn0%3D
:path: /comment/data?contentId=9239661&siteId=441&orderBy=updated_at&orderType=desc
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: application/json, text/plain, */*
cache-control: no-cache
:authority: www.getinfosec.news
referer: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?
X-XSRF-TOKEN: eyJpdiI6InB3dWVqV2p4d0RWYkN6ZVhEMTlpWXc9PSIsInZhbHVlIjoiejZaL1ZWNGZpZjZGVE5leWg5eXQyUlpVZVhYSGgzdTNFS2VNSktXRjFWYTZ0VGF2SDhudTFZeU5oV3pFekxIRVNDVngwcUx6amNLb2dYak9wT2V4dVlDdzBxU2plSzM3OGI4OGljVDFrOVJ6M0hoU2tPUkpTVUFpQlFpTEZ4QnoiLCJtYWMiOiJjYzhlM2JmYTZiMDg1MDg3MjBhY2M1NjgyZDA0Y2NlZDQyNzViZTRmOTRjNzA0ODE0ZjcwODg5ZmYxNzFhYTRhIn0=
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 05:23:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F0wPW6xPfcIzYeaBvzhPcq6Gh7lDJ3uFG76nH6X94uDWyFSLHXw8gpbTNixQ9BcqcKPqYzfqiQ3fA21UkJC50c8Hz2AJjyh60tThsfZXLaiGh%2BbdKs77pkSSEF9C5RYoRDz2E%2BiNM2EsLiMDxo4sjz9X"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6InJNczFVSVNZSkVYaUJtVjluNktOSmc9PSIsInZhbHVlIjoiRmE3K2hpejNDWWxwWlRUVkpkYVQvVTFwaHpzc01QcXdMZXQ4d0t4NEpRTHdOKzJFV2g2VTAzU0d5SjhXZlRLY0dZT3hSWmk1ZmQ3ZlJGZVJUOGpIeGllOE14c29BYmRPOHBFR0hGekN1aTV1Z0pjNnFVWC93RUYyVmhFNFdWZS8iLCJtYWMiOiJjZDQzYjEzNTVhMDM4Mzc0NjNiOGMwNWYxY2EzMzIyYjAxZmNhZDQ1ZWU0ZjM2OWUzNmNiZTRmZDdlYWI2NGJhIn0%3D; expires=Thu, 09-Sep-2021 07:23:00 GMT; Max-Age=7200; path=/ newsy_session=eyJpdiI6InQwWjZRV0c5RmZlc3FsV2ZPVWVxUmc9PSIsInZhbHVlIjoiTXdVQ2FxRWI2aloyMnZZSUdWLytPRmY2aG0vUVFINTlxNll1VlBnbTNSaFFJZWtsWklCWWszSHVnWmV4aHllT2ZPZFFvRkVORERwSmZxYXptUzRnYmxPWC90bVVJMGxsRWx5a291TGdFMFM4ME01NEpBQ1J0Ujcyd2IvRkZnc28iLCJtYWMiOiJhNmNlN2Q1OGE1M2EwMjU2OTc4NzlhNTUxMjkxMTNiZTY3MjUwYzY1NGMzMWI0Yjc1YmZlODgzYjFkYWU3MWY2In0%3D; expires=Thu, 09-Sep-2021 07:23:00 GMT; Max-Age=7200; path=/; httponly
cf-ray: 68bdfb649df65bed-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2

GET
H2 200 related-contents Show response
www.getinfosec.news/content/ 12 KB
5 KB 208ms
208ms XHR
application/json 2606:4700:3037::6815:3673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.getinfosec.news/content/related-contents?siteId=441&contentId=9239661&limit=5
Requested by: Host: www.getinfosec.news
URL: https://www.getinfosec.news/js/site/content/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3673 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee3131f75a3a0e9d3493e9b1db464664c88536e55a7c7d07095132f9e695c773

Request headers

sec-fetch-mode: cors
x-xsrf-token: eyJpdiI6InB3dWVqV2p4d0RWYkN6ZVhEMTlpWXc9PSIsInZhbHVlIjoiejZaL1ZWNGZpZjZGVE5leWg5eXQyUlpVZVhYSGgzdTNFS2VNSktXRjFWYTZ0VGF2SDhudTFZeU5oV3pFekxIRVNDVngwcUx6amNLb2dYak9wT2V4dVlDdzBxU2plSzM3OGI4OGljVDFrOVJ6M0hoU2tPUkpTVUFpQlFpTEZ4QnoiLCJtYWMiOiJjYzhlM2JmYTZiMDg1MDg3MjBhY2M1NjgyZDA0Y2NlZDQyNzViZTRmOTRjNzA0ODE0ZjcwODg5ZmYxNzFhYTRhIn0=
accept-language: de-DE,de;q=0.9
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
accept-encoding: gzip, deflate, br
cookie: XSRF-TOKEN=eyJpdiI6InB3dWVqV2p4d0RWYkN6ZVhEMTlpWXc9PSIsInZhbHVlIjoiejZaL1ZWNGZpZjZGVE5leWg5eXQyUlpVZVhYSGgzdTNFS2VNSktXRjFWYTZ0VGF2SDhudTFZeU5oV3pFekxIRVNDVngwcUx6amNLb2dYak9wT2V4dVlDdzBxU2plSzM3OGI4OGljVDFrOVJ6M0hoU2tPUkpTVUFpQlFpTEZ4QnoiLCJtYWMiOiJjYzhlM2JmYTZiMDg1MDg3MjBhY2M1NjgyZDA0Y2NlZDQyNzViZTRmOTRjNzA0ODE0ZjcwODg5ZmYxNzFhYTRhIn0%3D; newsy_session=eyJpdiI6IlVpZTAwWFpyZzVEbDhVVXVrUVB1dWc9PSIsInZhbHVlIjoiVmNRVWNLUmRDODZCMGpyUFhIeXNGd212bVhCMVduK0g4a1RUaTB6U2xmS3RVemkzYXR4UXRqRDZYa3VqaTZESy9ZT1JveExvV3lnQkFOTzNvSDdrbnZ2a0JKQi9BMWRMaHRtUHlMUjk0d1hvY0xmLzdINzloNzNJN0lPT3hFMmEiLCJtYWMiOiI3ZTYwODEzYzQzZGM4NTg5MWNkMjJkYjc2ODdjN2M5MjlkMzc4NmE0NGM4M2E4Mjk0OWI2NjU0ZTg4YmQ2OTlmIn0%3D
:path: /content/related-contents?siteId=441&contentId=9239661&limit=5
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: application/json, text/plain, */*
cache-control: no-cache
:authority: www.getinfosec.news
referer: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?
X-XSRF-TOKEN: eyJpdiI6InB3dWVqV2p4d0RWYkN6ZVhEMTlpWXc9PSIsInZhbHVlIjoiejZaL1ZWNGZpZjZGVE5leWg5eXQyUlpVZVhYSGgzdTNFS2VNSktXRjFWYTZ0VGF2SDhudTFZeU5oV3pFekxIRVNDVngwcUx6amNLb2dYak9wT2V4dVlDdzBxU2plSzM3OGI4OGljVDFrOVJ6M0hoU2tPUkpTVUFpQlFpTEZ4QnoiLCJtYWMiOiJjYzhlM2JmYTZiMDg1MDg3MjBhY2M1NjgyZDA0Y2NlZDQyNzViZTRmOTRjNzA0ODE0ZjcwODg5ZmYxNzFhYTRhIn0=
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 05:23:00 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BQvD1wFgBlf7%2BtQjHBZ9lVjvDPJzhEdSyL9thf706QsPLSrBI9QrNAucoJmfaI7186L5TIfHWhpxmZnxZLe9JIhOmmv868gfJJh%2B8UD%2F1Oq5CA9ZKcaoTXP4bOkdwJP1ecwSpO52%2F6k57o2YVtRrLoYN"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IithWUpleUdWMW9GK1ZOb0NVbWtPaVE9PSIsInZhbHVlIjoicTM3WXpqTW1reDVNVFNKZElXalhGbTZIVEdsaWFiNVlwQXYyMXJiR2VJKzVyR0NBdGdYN3pIbVBXSDJ0VXlvRFpyTXhEaURpaHZ6WE0vTEpMckxJTFpoV2xuQ3RHRld6UmVNY2tscFFBOUhrNFZnVkZqTE91aXFCc013VVpGdHQiLCJtYWMiOiI0ZTU1MjFjOWM4NmE5YTZhZjA2YTM3YzQzZDY0Nzc3MjRiZGJjZjY0NjJlNDJhM2U1MzQ1NmFiMDgxNmZhM2VmIn0%3D; expires=Thu, 09-Sep-2021 07:23:00 GMT; Max-Age=7200; path=/ newsy_session=eyJpdiI6IjlvT1dVOE9udTFTWXFMNHVDR01wY2c9PSIsInZhbHVlIjoiRU0zb1RPZkxTMnlvMTNDTmJqS1E0TlpXdkgwOVU2eXV5Q3h6eWxjNzdOeFozS0FuSUR2YXNxUjBEU1B0SHNLQUZxUlZrSDlpRDN3ZldYN3c1OU9hRWlZRE5SZXJueUJXYlVGVWJXUkpJejJxUlB6WFRHQzF6cy94WmRGbVp5SHIiLCJtYWMiOiI3MmI2ZWQ4OGU5NTUyNTU3MjFiYzJmMmNiMDUxMjU1MTRhYWYwZGMyNDMzYzdlODFlOWQ3MjQ1ODViMjdhMzZkIn0%3D; expires=Thu, 09-Sep-2021 07:23:00 GMT; Max-Age=7200; path=/; httponly
cf-ray: 68bdfb649df75bed-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 most-discussed Show response
www.getinfosec.news/content/ 4 KB
3 KB 1159ms
1158ms XHR
application/json 2606:4700:3037::6815:3673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.getinfosec.news/content/most-discussed?siteId=441&limit=3&period=7
Requested by: Host: www.getinfosec.news
URL: https://www.getinfosec.news/js/site/content/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3673 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79d5c4a8dea63688823d68124f9c157aa38c0c2ec934d7a728d980226096649a

Request headers

sec-fetch-mode: cors
x-xsrf-token: eyJpdiI6InB3dWVqV2p4d0RWYkN6ZVhEMTlpWXc9PSIsInZhbHVlIjoiejZaL1ZWNGZpZjZGVE5leWg5eXQyUlpVZVhYSGgzdTNFS2VNSktXRjFWYTZ0VGF2SDhudTFZeU5oV3pFekxIRVNDVngwcUx6amNLb2dYak9wT2V4dVlDdzBxU2plSzM3OGI4OGljVDFrOVJ6M0hoU2tPUkpTVUFpQlFpTEZ4QnoiLCJtYWMiOiJjYzhlM2JmYTZiMDg1MDg3MjBhY2M1NjgyZDA0Y2NlZDQyNzViZTRmOTRjNzA0ODE0ZjcwODg5ZmYxNzFhYTRhIn0=
accept-language: de-DE,de;q=0.9
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
accept-encoding: gzip, deflate, br
cookie: XSRF-TOKEN=eyJpdiI6InB3dWVqV2p4d0RWYkN6ZVhEMTlpWXc9PSIsInZhbHVlIjoiejZaL1ZWNGZpZjZGVE5leWg5eXQyUlpVZVhYSGgzdTNFS2VNSktXRjFWYTZ0VGF2SDhudTFZeU5oV3pFekxIRVNDVngwcUx6amNLb2dYak9wT2V4dVlDdzBxU2plSzM3OGI4OGljVDFrOVJ6M0hoU2tPUkpTVUFpQlFpTEZ4QnoiLCJtYWMiOiJjYzhlM2JmYTZiMDg1MDg3MjBhY2M1NjgyZDA0Y2NlZDQyNzViZTRmOTRjNzA0ODE0ZjcwODg5ZmYxNzFhYTRhIn0%3D; newsy_session=eyJpdiI6IlVpZTAwWFpyZzVEbDhVVXVrUVB1dWc9PSIsInZhbHVlIjoiVmNRVWNLUmRDODZCMGpyUFhIeXNGd212bVhCMVduK0g4a1RUaTB6U2xmS3RVemkzYXR4UXRqRDZYa3VqaTZESy9ZT1JveExvV3lnQkFOTzNvSDdrbnZ2a0JKQi9BMWRMaHRtUHlMUjk0d1hvY0xmLzdINzloNzNJN0lPT3hFMmEiLCJtYWMiOiI3ZTYwODEzYzQzZGM4NTg5MWNkMjJkYjc2ODdjN2M5MjlkMzc4NmE0NGM4M2E4Mjk0OWI2NjU0ZTg4YmQ2OTlmIn0%3D
:path: /content/most-discussed?siteId=441&limit=3&period=7
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: application/json, text/plain, */*
cache-control: no-cache
:authority: www.getinfosec.news
referer: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?
X-XSRF-TOKEN: eyJpdiI6InB3dWVqV2p4d0RWYkN6ZVhEMTlpWXc9PSIsInZhbHVlIjoiejZaL1ZWNGZpZjZGVE5leWg5eXQyUlpVZVhYSGgzdTNFS2VNSktXRjFWYTZ0VGF2SDhudTFZeU5oV3pFekxIRVNDVngwcUx6amNLb2dYak9wT2V4dVlDdzBxU2plSzM3OGI4OGljVDFrOVJ6M0hoU2tPUkpTVUFpQlFpTEZ4QnoiLCJtYWMiOiJjYzhlM2JmYTZiMDg1MDg3MjBhY2M1NjgyZDA0Y2NlZDQyNzViZTRmOTRjNzA0ODE0ZjcwODg5ZmYxNzFhYTRhIn0=
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 05:23:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2c2oL4OPMFivlGslbBKq%2BsdPCREHWkzWozhOiQnFN8J9XeW4WJosLOyy19Zt9b7GZyYeGC1fO2%2BCf1yxPSx9sfIlJEPjJRnHJZofZB9FFoYJ8qiUTRCZhCkAWhpol3FleKTOIBiLCN3NtOc92XazaiRr"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6Ik5lbVhBL2FIMXRJamcveTNOY25ZQXc9PSIsInZhbHVlIjoiUkMvT2tKeUhOSEdndW5iYlc0SndIbW5iaHZUaTJjUm1oVHllbDFQMDBpUzk2L2t5MXZVR1M3dmpSaFFLak5CTmZDb1UwYUs1eWtsenBnS3V6cG5rV1JETDhtTFRLMUo2czAwVEp4ZGZHa1N2MHg5MTBybDVqTVl6RXNsSmEzWFAiLCJtYWMiOiI5ZWIzNWM0ZTQyZjNhYzVjMWVhYWYwNGZiYzJkMmVhYTZmNTRjNGJlOWZhYmFmNjgwZmRlZmRiZTk0OTU4M2JhIn0%3D; expires=Thu, 09-Sep-2021 07:23:01 GMT; Max-Age=7200; path=/ newsy_session=eyJpdiI6InBtL3d0ZXBkekV6Ykx2cDNMRGl0b0E9PSIsInZhbHVlIjoiT200Y1c5cFNCRStqV0UyaE1WRkhPVEM3Ym9RSjIyZE9nSmhYbWZRaDJlQlRIbmZ0eW5ZUVVpQlQxMVR6Tkx2VnpIOHo2bytLZU1XLzM5cHdLZnVyMjUrZld2UnNpTGhVZ3BvNmxON00vb2w4SEFUMUd0dXovZXZodXZtM3pVcGciLCJtYWMiOiJjMzBmZmE1ODk1MWVkNzAyNzczYzMzMzQzZjhkZDkzNmY4YTM3MGQ1MTk1ZWE4YTcxNWU5YjkyMWU0ODE4Mzk2In0%3D; expires=Thu, 09-Sep-2021 07:23:01 GMT; Max-Age=7200; path=/; httponly
cf-ray: 68bdfb649dfa5bed-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 twitter.png
img.icons8.com/fluent/96/000000/ 3 KB
3 KB 99ms
16ms Image
image/png 2a02:6ea0:c900::5
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.icons8.com/fluent/96/000000/twitter.png

Requested by

Host: www.getinfosec.news
URL: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c900::5 Paris, France, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

ebe7f14bba97f98b8bfc5d1e959dbbfe26509adc4bfb32b27f55b52d204776d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getinfosec.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-77-pop: parisFR
date: Thu, 09 Sep 2021 05:23:00 GMT
icon-size: 96
x-content-type-options: nosniff
memory-svg-cache: true
access-control-allow-origin: *
from-cache: false
from-svg-cache: true
icon-format: png
x-cache: HIT
x-age: 250816
x-dns-prefetch-control: off
content-length: 2736
x-xss-protection: 1; mode=block
x-77-nzt: AbldAgENMSrvwNMDAA==
x-accel-expires: @1631216564
not-found-platform: false
last-modified: Sun, 05 Sep 2021 10:43:16 GMT
server: CDN77-Turbo
x-77-nzt-ray: O0Ke1BqvKfY=
x-download-options: noopen
x-77-cache: HIT
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/png
memory-cache: true
access-control-expose-headers: Content-Disposition
cache-control: public, max-age=302400
icon-id: 5MQ0gPAYYx7a
accept-ranges: bytes
version: 0.1.0-SNAPSHOT.20210708094533320

GET
H2 200 tumblr.png
img.icons8.com/color/96/000000/ 1 KB
2 KB 372ms
291ms Image
image/png 2a02:6ea0:c900::5
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.icons8.com/color/96/000000/tumblr.png

Requested by

Host: www.getinfosec.news
URL: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c900::5 Paris, France, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

e9db9f4845d50ce4cfb88a6d0f81f3ce432e2d0893684b5c4819c87732b6b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getinfosec.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-77-pop: parisFR
date: Thu, 09 Sep 2021 05:23:00 GMT
icon-size: 96
x-content-type-options: nosniff
memory-svg-cache: true
access-control-allow-origin: *
from-cache: false
from-svg-cache: true
icon-format: png
x-cache: EXPIRED
x-age: 306731
x-dns-prefetch-control: off
content-length: 1381
x-xss-protection: 1; mode=block
x-77-nzt: AbldAgFZBzzLK64EAA==
x-accel-expires: @1631467380
not-found-platform: false
last-modified: Wed, 08 Sep 2021 09:46:00 GMT
server: CDN77-Turbo
x-77-nzt-ray: uxlQVNb53zM=
x-download-options: noopen
x-77-cache: MISS
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/png
memory-cache: false
access-control-expose-headers: Content-Disposition
cache-control: public, max-age=302400
icon-id: 13976
accept-ranges: bytes
version: 0.1.0-SNAPSHOT.20210708094643665

GET
H2 200 blogger.png
img.icons8.com/color/96/000000/ 1 KB
2 KB 100ms
18ms Image
image/png 2a02:6ea0:c900::5
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.icons8.com/color/96/000000/blogger.png

Requested by

Host: www.getinfosec.news
URL: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c900::5 Paris, France, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

a1a8769db6fd1e983f9dba8483855c7d9486e4ba9ca39c85bd352ad80ab74094

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getinfosec.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-77-pop: parisFR
date: Thu, 09 Sep 2021 05:23:00 GMT
icon-size: 96
x-content-type-options: nosniff
memory-svg-cache: true
access-control-allow-origin: *
from-cache: false
from-svg-cache: true
icon-format: png
x-cache: HIT
x-age: 194917
x-dns-prefetch-control: off
content-length: 1368
x-xss-protection: 1; mode=block
x-77-nzt: AbldAgFUQ+7/ZfkCAA==
x-accel-expires: @1631272463
not-found-platform: false
last-modified: Sun, 05 Sep 2021 23:21:34 GMT
server: CDN77-Turbo
x-77-nzt-ray: DAV/5fD8k5g=
x-download-options: noopen
x-77-cache: HIT
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/png
memory-cache: true
access-control-expose-headers: Content-Disposition
cache-control: public, max-age=302400
icon-id: 65072
accept-ranges: bytes
version: 0.1.0-SNAPSHOT.20210708094533320

POST
H2 200 activity Show response
www.getinfosec.news/auth/ 0
972 B 431ms
431ms XHR
text/html 2606:4700:3037::6815:3673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.getinfosec.news/auth/activity
Requested by: Host: www.getinfosec.news
URL: https://www.getinfosec.news/js/site/content/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3673 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: cors
origin: https://www.getinfosec.news
x-xsrf-token: eyJpdiI6InB3dWVqV2p4d0RWYkN6ZVhEMTlpWXc9PSIsInZhbHVlIjoiejZaL1ZWNGZpZjZGVE5leWg5eXQyUlpVZVhYSGgzdTNFS2VNSktXRjFWYTZ0VGF2SDhudTFZeU5oV3pFekxIRVNDVngwcUx6amNLb2dYak9wT2V4dVlDdzBxU2plSzM3OGI4OGljVDFrOVJ6M0hoU2tPUkpTVUFpQlFpTEZ4QnoiLCJtYWMiOiJjYzhlM2JmYTZiMDg1MDg3MjBhY2M1NjgyZDA0Y2NlZDQyNzViZTRmOTRjNzA0ODE0ZjcwODg5ZmYxNzFhYTRhIn0=
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: XSRF-TOKEN=eyJpdiI6InB3dWVqV2p4d0RWYkN6ZVhEMTlpWXc9PSIsInZhbHVlIjoiejZaL1ZWNGZpZjZGVE5leWg5eXQyUlpVZVhYSGgzdTNFS2VNSktXRjFWYTZ0VGF2SDhudTFZeU5oV3pFekxIRVNDVngwcUx6amNLb2dYak9wT2V4dVlDdzBxU2plSzM3OGI4OGljVDFrOVJ6M0hoU2tPUkpTVUFpQlFpTEZ4QnoiLCJtYWMiOiJjYzhlM2JmYTZiMDg1MDg3MjBhY2M1NjgyZDA0Y2NlZDQyNzViZTRmOTRjNzA0ODE0ZjcwODg5ZmYxNzFhYTRhIn0%3D; newsy_session=eyJpdiI6IlVpZTAwWFpyZzVEbDhVVXVrUVB1dWc9PSIsInZhbHVlIjoiVmNRVWNLUmRDODZCMGpyUFhIeXNGd212bVhCMVduK0g4a1RUaTB6U2xmS3RVemkzYXR4UXRqRDZYa3VqaTZESy9ZT1JveExvV3lnQkFOTzNvSDdrbnZ2a0JKQi9BMWRMaHRtUHlMUjk0d1hvY0xmLzdINzloNzNJN0lPT3hFMmEiLCJtYWMiOiI3ZTYwODEzYzQzZGM4NTg5MWNkMjJkYjc2ODdjN2M5MjlkMzc4NmE0NGM4M2E4Mjk0OWI2NjU0ZTg4YmQ2OTlmIn0%3D
content-length: 319
:path: /auth/activity
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/json;charset=UTF-8
accept: application/json, text/plain, */*
cache-control: no-cache
:authority: www.getinfosec.news
referer: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: application/json, text/plain, */*
Referer: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?
X-XSRF-TOKEN: eyJpdiI6InB3dWVqV2p4d0RWYkN6ZVhEMTlpWXc9PSIsInZhbHVlIjoiejZaL1ZWNGZpZjZGVE5leWg5eXQyUlpVZVhYSGgzdTNFS2VNSktXRjFWYTZ0VGF2SDhudTFZeU5oV3pFekxIRVNDVngwcUx6amNLb2dYak9wT2V4dVlDdzBxU2plSzM3OGI4OGljVDFrOVJ6M0hoU2tPUkpTVUFpQlFpTEZ4QnoiLCJtYWMiOiJjYzhlM2JmYTZiMDg1MDg3MjBhY2M1NjgyZDA0Y2NlZDQyNzViZTRmOTRjNzA0ODE0ZjcwODg5ZmYxNzFhYTRhIn0=
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Thu, 09 Sep 2021 05:23:00 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sS5aZvWcrCP8JhXF0shJ5sVf4FU5ENrxVQDde3k%2BRFwS8TsUsu%2FZqrhqRD4RRRJg72L3m8Qw2DvlkSjPwWYZDajByV0B2GFmalKU7w430kbYql69EfR95Yh%2Bb5C%2FLW3oipWcTcHAqRE%2FXkrZHpBr2yjr"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6ImdWTktFZk5GVTdYS2hnL2l4Tngxa3c9PSIsInZhbHVlIjoiTVRPS1NQdGhkUUhQTEZFZDVZM0RobjRsS0ZoMU52bFBFOWlsaFBiUVlLbXBmOGVHMkJla2xPUWZjRHpVQWg5eTFxcndmK2ppd0JNREhQa05rNmd1VTF6TXNob3d5U1JGUDhQRVJrSG5DNlMyOTZhSDlKYWErZ2tCSUNIUHMySXQiLCJtYWMiOiJiMzc2MDMwMjI0ODY0Yjc1OTU2ZmU3NTMxNGI1NjRhYjhmMDE1YWEwYzE1ZjgwZmJlMzg5OTNlYTNiYzNmMGNjIn0%3D; expires=Thu, 09-Sep-2021 07:23:00 GMT; Max-Age=7200; path=/ newsy_session=eyJpdiI6ImNwSWVDNXB6YmY2bWhvNHM5VTdHZFE9PSIsInZhbHVlIjoiS1dLQy8raDhKUVk3eVhZeFUxN2pIT3hEZzVha2R2MmxJNDRJZ0ZFSjYyRFBqbzRua1o1ZFI1UUloQTlLOWlVcllxcDVGeEtiSkR6ZThDSEJQR2JZZmVqcnFqN1ZTTm11MlpiZ3k2cElxdmZrRGdaYVJFTkVxL2ZaZHVGSFJrSnAiLCJtYWMiOiJmM2RlMWExZDRiMDlmNGZiZmUzYTgyMmM2MTZhODU1ZjI5N2E0ZmI2MTZhMjA3MTVlYzhjNzVjM2FjMGIzMjg0In0%3D; expires=Thu, 09-Sep-2021 07:23:00 GMT; Max-Age=7200; path=/; httponly
cf-ray: 68bdfb649dff5bed-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 m-outer-9475bd26486e6119b23924eebd3d561a.html Show response
js.stripe.com/v3/ Frame E4DA 215 B
510 B 8ms
7ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

13e44ac91c0d0e34922532b04d931246156aef649b2ac9cacc69ad75ce63ad00

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/m-outer-9475bd26486e6119b23924eebd3d561a.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.getinfosec.news/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.getinfosec.news/

Response headers

x-amz-id-2: l5Na+8ApgEBEB2regdU/34V34kg7XO/YieiWDH8WAZ8PBDzYy46VodWo5/oMlfTDaha9TYU4III=
x-amz-request-id: C1CPKKJXVJS92MFZ
last-modified: Wed, 01 Sep 2021 21:34:43 GMT
etag: "9475bd26486e6119b23924eebd3d561a"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: br
accept-ranges: bytes
date: Thu, 09 Sep 2021 05:22:59 GMT
via: 1.1 varnish
age: 152
x-served-by: cache-fra19142-FRA
x-cache: HIT
x-cache-hits: 106
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length: 130

GET
H2 200 m-outer-f045e3b6b64aa0e635a6cabefc84daae.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E4DA 1 KB
840 B 31ms
1ms Script
application/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-f045e3b6b64aa0e635a6cabefc84daae.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e8e9871cf0af9019f2a0094a2ce12eb7794c104f7f38d9f75e7017c9d26e7cf6

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 05:23:00 GMT
content-encoding: br
vary: Accept-Encoding
age: 150
via: 1.1 varnish
x-cache: HIT
content-length: 637
x-amz-id-2: oWkmpgeBsIeOMJVKmFdg2P4O4q6rqON/mkzlrOx20HS9LXjBnrNzNwGyO3SFzA4LBdU/lsoned4=
x-served-by: cache-fra19142-FRA
timing-allow-origin: *
last-modified: Wed, 01 Sep 2021 21:34:46 GMT
server: AmazonS3
etag: "01f873d478053c6a0368329ea08f7a10"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: H633CXVR7MQDG75P
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 96

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
40 KB 43ms
18ms Script
application/javascript 2a00:1450:400e:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-153426991-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-166935235-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:803::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7bc44c473e8ac0f06b0d35b1d56f32c3debad196844dfc2a0a1d8b1fbf6eb645

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getinfosec.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 05:23:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41251
x-xss-protection: 0
last-modified: Thu, 09 Sep 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Sep 2021 05:23:00 GMT

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 73F8 932 B
1 KB 59ms
13ms Document
text/html 52.222.138.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-f045e3b6b64aa0e635a6cabefc84daae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.138.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-138-129.ams50.r.cloudfront.net

Software

nginx /

Resource Hash

c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: m.stripe.network
:scheme: https
:path: /inner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://js.stripe.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Thu, 12 Aug 2021 00:00:27 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding: gzip
date: Thu, 09 Sep 2021 05:18:07 GMT
cache-control: public, max-age=300
etag: W/"6114649b-3a4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dd133741afef09b02f3e6afd7cb39f40.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
x-amz-cf-id: C3oD2ezNJSXqz97M6hIR0XJ3TtzYW_UGfy2OcUP136tSLWEIqsdEig==
age: 293

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 58ms
14ms Script
text/javascript 2a00:1450:400e:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-153426991-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getinfosec.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 5556
date: Thu, 09 Sep 2021 03:50:24 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Thu, 09 Sep 2021 05:50:24 GMT

GET
H2 200 yoga-poses-thumb.jpg
the-public-domain-review.imgix.net/collections/hatha-yoga-images-from-the-joga-pradipika/ 242 KB
242 KB 63ms
13ms Image
image/jpeg 2a04:4e42:9::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://the-public-domain-review.imgix.net/collections/hatha-yoga-images-from-the-joga-pradipika/yoga-poses-thumb.jpg

Requested by

Host: www.getinfosec.news
URL: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:9::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

a737a32f03d9f7e02a817d5a916c9633f920248ce0b22344c356e88ca8dd7518

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getinfosec.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 05:23:00 GMT
x-content-type-options: nosniff
last-modified: Mon, 12 Apr 2021 17:33:44 GMT
server: imgix
age: 1545141
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-id: 57abca2fab943e02ebaa667de59ea356666ea366
accept-ranges: bytes
content-length: 247503
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10034-SJC, cache-ams21071-AMS

GET
H2 200 840_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjEtMDIvMGU5MjdlNjUtMTM3ZS00ZDc3LWFhZmUtMTYwMmExODhiMDcxLmpwZw==.jpg
images.cointelegraph.com/images/ 58 KB
59 KB 44ms
8ms Image
image/webp 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.cointelegraph.com/images/840_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjEtMDIvMGU5MjdlNjUtMTM3ZS00ZDc3LWFhZmUtMTYwMmExODhiMDcxLmpwZw==.jpg
Requested by: Host: www.getinfosec.news
URL: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d8cb41a746018d6a10cdc6eb0401664494d7d0e6dbda80d6b86be570febd9efb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getinfosec.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: Wc8zPPcFBXebAf8wFvZrF9XMJUEnagIF
x-node: ds28
age: 585920
etag: "SXXAYsxdfkEIQLQJDwp659oortXKy9HsnjCZjmSq5dM"
vary: Accept
x-cache: HIT, HIT
fastly-io-info: ifsz=173587 idim=840x560 ifmt=jpeg ofsz=59694 odim=840x560 ofmt=webp
cache-control: max-age=31536000
date: Thu, 09 Sep 2021 05:23:00 GMT
fastly-stats: io=1
accept-ranges: bytes
content-type: image/webp
content-length: 59694

GET
H2

200

am-hon-luc-nua-dem_chuong-130_nu-truyen-cam.mp3
ia803400.us.archive.org/25/items/gtaaudio_19179/
Redirect Chain

https://archive.org/download/gtaaudio_19179/format=VBR+MP3&ignore=x.mp3
https://ia803400.us.archive.org/25/items/gtaaudio_19179/am-hon-luc-nua-dem_chuong-130_nu-truyen-cam.mp3?ignore=x.mp3

32 KB
32 KB

849ms
164ms

Image
audio/mpeg

207.241.232.190
INTERNET-ARCHIVE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ia803400.us.archive.org/25/items/gtaaudio_19179/am-hon-luc-nua-dem_chuong-130_nu-truyen-cam.mp3?ignore=x.mp3

Requested by

Host: www.getinfosec.news
URL: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.241.232.190 San Francisco, United States, ASN7941 (INTERNET-ARCHIVE, US),

Reverse DNS

ia803400.us.archive.org

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getinfosec.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 05:23:01 GMT
last-modified: Tue, 18 May 2021 23:41:40 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "60a450b4-5e2c67"
strict-transport-security: max-age=15724800
content-type: audio/mpeg
access-control-allow-origin: *
cache-control: max-age=21600
accept-ranges: bytes
content-length: 6171751
expires: Thu, 09 Sep 2021 11:23:01 GMT

Redirect headers

location: https://ia803400.us.archive.org/25/items/gtaaudio_19179/am-hon-luc-nua-dem_chuong-130_nu-truyen-cam.mp3?ignore=x.mp3
date: Thu, 09 Sep 2021 05:23:00 GMT
referrer-policy: no-referrer-when-downgrade
server: nginx/1.18.0 (Ubuntu)
accept-ranges: bytes
strict-transport-security: max-age=15724800
content-type: text/html; charset=UTF-8

GET
H2 200 i
a4.espncdn.com/combiner/ 223 KB
223 KB 403ms
30ms Image
image/jpeg 92.122.192.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a4.espncdn.com/combiner/i?img=%2Fphoto%2F2020%2F1027%2Fr766892_1296x729_16%2D9.jpg
Requested by: Host: www.getinfosec.news
URL: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.192.25 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-122-192-25.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 56f143801e13f9954cbeeea82f8e6d82b59d74305caee655394b1b631edbd811

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getinfosec.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 05:23:00 GMT
last-modified: Thu, 09 Sep 2021 03:40:19 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=80147
accept-ranges: bytes
content-length: 227902
expires: Fri, 10 Sep 2021 03:38:47 GMT

GET
H2 200 42474488-0-image-a-108_1619952825892.jpg
i.dailymail.co.uk/1s/2021/05/02/11/ 48 KB
49 KB 178ms
15ms Image
image/avif 2a02:26f0:b200:1b9::16c2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.dailymail.co.uk/1s/2021/05/02/11/42474488-0-image-a-108_1619952825892.jpg
Requested by: Host: www.getinfosec.news
URL: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:b200:1b9::16c2 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a221176dcb5730f2d57dcd643c210ed97a4d4a575a8c0cdd102246a606f00df4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getinfosec.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 22uVbBtzs7s_6x9TgS3Cw8B2cu9OlQFT
last-modified: Sun, 02 May 2021 10:53:48 GMT
server: AmazonS3
x-amz-request-id: 7EQ4CR329286J8R1
etag: "0dcb66c28e18a40e4f761623d4bc4aca"
x-mol-img: avif
content-type: image/avif
cache-control: max-age=2592000
date: Thu, 09 Sep 2021 05:23:00 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
timing-allow-origin: *
content-length: 49653
x-amz-id-2: v+sOMEwYjwuEhjIwiO+f5osOGldZwnUctCS59jIiBSVgKa0au4D1am6LLHadWgX2S805sdTrLSc=
expires: Sat, 09 Oct 2021 05:23:00 GMT

GET
H2 200 S6uyw4BMUTPHjxAwXjeu.woff2
fonts.gstatic.com/s/lato/v20/ 5 KB
5 KB 14ms
13ms Font
font/woff2 2a00:1450:400e:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjxAwXjeu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:810::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b7ad361cce9dbab34c8fd714b379707d7aa40199bf90b90f9f19c7c1db5171b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.getinfosec.news
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 18:47:36 GMT
x-content-type-options: nosniff
age: 297324
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5480
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:00 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Sep 2022 18:47:36 GMT

GET
H2 200 out-4.5.40.js Show response
m.stripe.network/ Frame 73F8 85 KB
19 KB 15ms
14ms Script
application/x-javascript 52.222.138.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.40.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.138.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-138-129.ams50.r.cloudfront.net

Software

nginx /

Resource Hash

6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: W/"6114649b-154bc"
age: 68
x-cache: Hit from cloudfront
last-modified: Thu, 12 Aug 2021 00:00:27 GMT
server: nginx
date: Thu, 09 Sep 2021 05:21:52 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 dd133741afef09b02f3e6afd7cb39f40.cloudfront.net (CloudFront)
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: AMS50-C1
timing-allow-origin: *
x-amz-cf-id: z-bAWinWpeheQBi09FduLbdLTyMXv7khLi7sT1DIuvoVXe7Dr4bXtw==

POST
H2 200 6 Show response
m.stripe.com/ Frame 73F8 156 B
516 B 520ms
178ms XHR
text/plain 52.42.231.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.40.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.42.231.203 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-42-231-203.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

98d3a5fccaa779d0ec575379352e0db67f0586a187beea6418c778c5f3df6f24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 09 Sep 2021 05:23:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-headers: Content-Type

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
209 B 20ms
19ms XHR
text/plain 2a00:1450:400e:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1724018381&t=pageview&_s=1&dl=https%3A%2F%2Fwww.getinfosec.news%2F9239661%2Fnew-0-day-attack-targeting-windows-users-with-microsoft-office-documents&ul=en-us&de=UTF-8&dt=New%200-Day%20Attack%20Targeting%20Windows%20Users%20With%20Microsoft%20Office%20Documents%20%E2%8B%85%20Cyber%20Security%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1086343719&gjid=74382917&cid=1037315086.1631164980&tid=UA-153426991-1&_gid=1034184190.1631164980&_r=1&gtm=2ou910&z=832007116

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.getinfosec.news/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Sep 2021 05:23:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.getinfosec.news
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 18ms
18ms XHR
text/plain 2a00:1450:400e:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1724018381&t=pageview&_s=1&dl=https%3A%2F%2Fwww.getinfosec.news%2F9239661%2Fnew-0-day-attack-targeting-windows-users-with-microsoft-office-documents&ul=en-us&de=UTF-8&dt=New%200-Day%20Attack%20Targeting%20Windows%20Users%20With%20Microsoft%20Office%20Documents%20%E2%8B%85%20Cyber%20Security%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAAC~&jid=1128177635&gjid=425382232&cid=1037315086.1631164980&tid=UA-166935235-1&_gid=1034184190.1631164980&_r=1&gtm=2ou910&z=726458651

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.getinfosec.news/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Sep 2021 05:23:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.getinfosec.news
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
463 B 60ms
16ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-166935235-1&cid=1037315086.1631164980&jid=1128177635&gjid=425382232&_gid=1034184190.1631164980&_u=YEDAAUABAAAAAC~&z=929225946

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.getinfosec.news/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 09 Sep 2021 05:23:00 GMT
content-type: text/plain
access-control-allow-origin: https://www.getinfosec.news
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 windows.jpg
1.bp.blogspot.com/-WK9xrOIlPVc/X-RYcAJN2cI/AAAAAAAABV4/SYDr63wXxioAhyy_OmTToTSb2-lArPb5ACLcBGAsYHQ/s72-c-e100/ 5 KB
5 KB 14ms
14ms Image
image/jpeg 2a00:1450:400e:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-WK9xrOIlPVc/X-RYcAJN2cI/AAAAAAAABV4/SYDr63wXxioAhyy_OmTToTSb2-lArPb5ACLcBGAsYHQ/s72-c-e100/windows.jpg

Requested by

Host: www.getinfosec.news
URL: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

18b93b90b196be3a9a206f050bfecd787220f9103dc9aa8c0349b41b5ac4e5e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getinfosec.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 05:22:56 GMT
x-content-type-options: nosniff
age: 5
content-disposition: inline;filename="windows.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4851
x-xss-protection: 0
server: fife
etag: "v55f"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=8640000, no-transform
timing-allow-origin: *
expires: Fri, 17 Dec 2021 09:35:18 GMT

GET
H2 200 feather-sprite.svg
www.getinfosec.news/img/ 58 KB
11 KB 24ms
23ms Other
image/svg+xml 2606:4700:3037::6815:3673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.getinfosec.news/img/feather-sprite.svg
Requested by: Host: www.getinfosec.news
URL: https://www.getinfosec.news/js/site/content/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3673 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc2604e4b0c63665fe5c730c319b560b47ef23b9dad0e6a6b5a9192a428afe17

Request headers

:path: /img/feather-sprite.svg
pragma: no-cache
cookie: _ga=GA1.2.1037315086.1631164980; _gid=GA1.2.1034184190.1631164980; _gat_gtag_UA_153426991_1=1; _gat_gtag_UA_166935235_1=1; __stripe_mid=d841d2c6-38f7-441b-ac81-4e4d1e97899abb38b1; __stripe_sid=a4a09f86-1b83-4aa3-8e7c-391b312a15ba5ae7e6; XSRF-TOKEN=eyJpdiI6Ik5lbVhBL2FIMXRJamcveTNOY25ZQXc9PSIsInZhbHVlIjoiUkMvT2tKeUhOSEdndW5iYlc0SndIbW5iaHZUaTJjUm1oVHllbDFQMDBpUzk2L2t5MXZVR1M3dmpSaFFLak5CTmZDb1UwYUs1eWtsenBnS3V6cG5rV1JETDhtTFRLMUo2czAwVEp4ZGZHa1N2MHg5MTBybDVqTVl6RXNsSmEzWFAiLCJtYWMiOiI5ZWIzNWM0ZTQyZjNhYzVjMWVhYWYwNGZiYzJkMmVhYTZmNTRjNGJlOWZhYmFmNjgwZmRlZmRiZTk0OTU4M2JhIn0%3D; newsy_session=eyJpdiI6InBtL3d0ZXBkekV6Ykx2cDNMRGl0b0E9PSIsInZhbHVlIjoiT200Y1c5cFNCRStqV0UyaE1WRkhPVEM3Ym9RSjIyZE9nSmhYbWZRaDJlQlRIbmZ0eW5ZUVVpQlQxMVR6Tkx2VnpIOHo2bytLZU1XLzM5cHdLZnVyMjUrZld2UnNpTGhVZ3BvNmxON00vb2w4SEFUMUd0dXovZXZodXZtM3pVcGciLCJtYWMiOiJjMzBmZmE1ODk1MWVkNzAyNzczYzMzMzQzZjhkZDkzNmY4YTM3MGQ1MTk1ZWE4YTcxNWU5YjkyMWU0ODE4Mzk2In0%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: same-origin
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.getinfosec.news
referer: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 05:23:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 21 Nov 2019 23:16:55 GMT
server: cloudflare
age: 7
etag: W/"e76b-597e37e41ab90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pHzlej5VVReHV%2FQuHbFraUlUVkaLz6FX1rF%2FSfLEN%2FNMcsTlGl3e%2BPkb%2BNpVODykj5Zmui9nfoaTUVO8cg4dKQYKqCqA2JKi3KCRzNtMZg9ZgvJMX3I3Ljha%2FHJ7luVPBf%2FcFtWFpTc7MFF9PeVm4cDt"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68bdfb776b1b5bed-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H2 200 6 Show response
m.stripe.com/ Frame 73F8 156 B
515 B 167ms
166ms XHR
text/plain 52.42.231.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.40.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.42.231.203 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-42-231-203.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

98d3a5fccaa779d0ec575379352e0db67f0586a187beea6418c778c5f3df6f24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 09 Sep 2021 05:23:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-headers: Content-Type

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.getinfosec.news/	1970-01-20 14:37:16	Name: _ga Value: GA1.2.1037315086.1631164980
.getinfosec.news/	1970-01-19 21:07:31	Name: _gid Value: GA1.2.1034184190.1631164980
.getinfosec.news/	1970-01-19 21:06:05	Name: _gat_gtag_UA_153426991_1 Value: 1
.getinfosec.news/	1970-01-19 21:06:05	Name: _gat_gtag_UA_166935235_1 Value: 1
m.stripe.com/	1970-01-20 14:37:16	Name: m Value: 3197dda3-2314-40bb-af37-b134dc859186572471
.www.getinfosec.news/	1970-01-20 05:51:40	Name: __stripe_mid Value: d841d2c6-38f7-441b-ac81-4e4d1e97899abb38b1
.www.getinfosec.news/	1970-01-19 21:06:06	Name: __stripe_sid Value: a4a09f86-1b83-4aa3-8e7c-391b312a15ba5ae7e6
www.getinfosec.news/	1970-01-19 21:06:12	Name: XSRF-TOKEN Value: eyJpdiI6Ik5lbVhBL2FIMXRJamcveTNOY25ZQXc9PSIsInZhbHVlIjoiUkMvT2tKeUhOSEdndW5iYlc0SndIbW5iaHZUaTJjUm1oVHllbDFQMDBpUzk2L2t5MXZVR1M3dmpSaFFLak5CTmZDb1UwYUs1eWtsenBnS3V6cG5rV1JETDhtTFRLMUo2czAwVEp4ZGZHa1N2MHg5MTBybDVqTVl6RXNsSmEzWFAiLCJtYWMiOiI5ZWIzNWM0ZTQyZjNhYzVjMWVhYWYwNGZiYzJkMmVhYTZmNTRjNGJlOWZhYmFmNjgwZmRlZmRiZTk0OTU4M2JhIn0%3D
www.getinfosec.news/	1970-01-19 21:06:12	Name: newsy_session Value: eyJpdiI6InBtL3d0ZXBkekV6Ykx2cDNMRGl0b0E9PSIsInZhbHVlIjoiT200Y1c5cFNCRStqV0UyaE1WRkhPVEM3Ym9RSjIyZE9nSmhYbWZRaDJlQlRIbmZ0eW5ZUVVpQlQxMVR6Tkx2VnpIOHo2bytLZU1XLzM5cHdLZnVyMjUrZld2UnNpTGhVZ3BvNmxON00vb2w4SEFUMUd0dXovZXZodXZtM3pVcGciLCJtYWMiOiJjMzBmZmE1ODk1MWVkNzAyNzczYzMzMzQzZjhkZDkzNmY4YTM3MGQ1MTk1ZWE4YTcxNWU5YjkyMWU0ODE4Mzk2In0%3D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?#/ Message: Mixed Content: The page at 'https://www.getinfosec.news/9239661/new-0-day-attack-targeting-windows-users-with-microsoft-office-documents?#/' was loaded over HTTPS, but requested an insecure element 'http://feeds.feedburner.com/~r/TheHackersNews/~4/8XfTlHB1Kh8'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
a4.espncdn.com
archive.org
cdn.jsdelivr.net
cdn2.iconfinder.com
cdnjs.cloudflare.com
feeds.feedburner.com
fonts.googleapis.com
fonts.gstatic.com
i.dailymail.co.uk
ia803400.us.archive.org
images.cointelegraph.com
img.icons8.com
js.stripe.com
m.stripe.com
m.stripe.network
newsyapp.s3.ap-southeast-2.amazonaws.com
stats.g.doubleclick.net
the-public-domain-review.imgix.net
unpkg.com
www.getinfosec.news
www.google-analytics.com
www.googletagmanager.com
151.101.0.176
151.101.2.132
207.241.224.2
207.241.232.190
2606:4700:10::6816:92d
2606:4700:3037::6815:3673
2606:4700::6810:135e
2606:4700::6810:5814
2606:4700::6810:7baf
2a00:1450:400c:c07::9c
2a00:1450:400e:803::2008
2a00:1450:400e:80c::200e
2a00:1450:400e:80f::2001
2a00:1450:400e:80f::200a
2a00:1450:400e:80f::200e
2a00:1450:400e:810::2003
2a02:26f0:b200:1b9::16c2
2a02:6ea0:c900::5
2a04:4e42:9::720
52.222.138.129
52.42.231.203
52.95.134.46
92.122.192.25
13e44ac91c0d0e34922532b04d931246156aef649b2ac9cacc69ad75ce63ad00
18b93b90b196be3a9a206f050bfecd787220f9103dc9aa8c0349b41b5ac4e5e4
1a2969a29378d4ee5f0771e46e3d9e663a06ccc2101d97033442184fd7327355
206691f596376cd492db9185f9a8007928c6a580971958d9e5cf8df3616c25f9
20f5076d96f5660079f2b5f45bac9c79182edf8256a0644d056f5d76b115f4be
24653521ae7359c74cc9e9afe1b9fb774fe17b68e0a774589f242ab7d252f865
2b7ad361cce9dbab34c8fd714b379707d7aa40199bf90b90f9f19c7c1db5171b
2ca19963383a46a2cc4c97af98af5d81bd6935eb816a6be6bb8a6c1c7dab8591
30c7c639fd48a0186026f900282a3b92893c32043019a5efb0ddf7e0805e296f
4264587bd9b88e61a19925515353bf3f18f3ef58d13b11c98789bab4a63ed99a
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
56f143801e13f9954cbeeea82f8e6d82b59d74305caee655394b1b631edbd811
6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
79d5c4a8dea63688823d68124f9c157aa38c0c2ec934d7a728d980226096649a
7bc44c473e8ac0f06b0d35b1d56f32c3debad196844dfc2a0a1d8b1fbf6eb645
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
92ea613270d1df64f254b35b96044cff459dcd34a5b8767743626866479ce38a
98d3a5fccaa779d0ec575379352e0db67f0586a187beea6418c778c5f3df6f24
a1a8769db6fd1e983f9dba8483855c7d9486e4ba9ca39c85bd352ad80ab74094
a221176dcb5730f2d57dcd643c210ed97a4d4a575a8c0cdd102246a606f00df4
a737a32f03d9f7e02a817d5a916c9633f920248ce0b22344c356e88ca8dd7518
a9df9f0a6f550a18866137721b158cdd0e866f670c730f138c44fb3b3c373b6b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a
c5ae4e1d884f3b1560e9620e27a1d69accc86fb04fe6b497c626c391c83be204
cc2604e4b0c63665fe5c730c319b560b47ef23b9dad0e6a6b5a9192a428afe17
ccc66952c3716f381168ba983b96bf6f58a68d9f4ecf1ed960a10581b559acd3
d8cb41a746018d6a10cdc6eb0401664494d7d0e6dbda80d6b86be570febd9efb
dadb3cc5d2f39d2ce8d7086f952917fa40f2577c89a54977f4223618fc7d0541
ddffc1fb5857d5643c0113e624d013e677a00538184616877dbce212abbbfc41
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8e9871cf0af9019f2a0094a2ce12eb7794c104f7f38d9f75e7017c9d26e7cf6
e9db9f4845d50ce4cfb88a6d0f81f3ce432e2d0893684b5c4819c87732b6b875
ebe7f14bba97f98b8bfc5d1e959dbbfe26509adc4bfb32b27f55b52d204776d1
ee3131f75a3a0e9d3493e9b1db464664c88536e55a7c7d07095132f9e695c773
f76c3cf15fc3f9f7e8d4faa34bdc1df43d03c2009090db4e78542137768bb550
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.getinfosec.news Open in urlscan Pro 2606:4700:3037::6815:3673 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

47 Requests

100 %HTTPS

65 %IPv6

21 Domains

23 Subdomains

22 IPs

7 Countries

1566 kBTransfer

3526 kBSize

9 Cookies

11 Outgoing links

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.getinfosec.news Open in urlscan Pro
2606:4700:3037::6815:3673 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

100 %
HTTPS

65 %
IPv6

21
Domains

23
Subdomains

22
IPs

7
Countries

1566 kB
Transfer

3526 kB
Size

9
Cookies

47 HTTP transactions
0 data transactions